Radio Frequency Identification (“RFID”) technology can be used to enable the tracking of individual products through a supply chain. For example, RFID tags with a unique identifier (“UID”) may be attached to each item passing through the nodes of the supply chain, and the UID associated with an item may be captured at distinct read points within an organization (e.g., a company) handling the item. A suitable reading device can be used to read the UID, and a corresponding event associated with the reading of the UID can be stored in a local database of the organization. By default, each organization only has access to RFID event data that was captured by readers belonging to the organization. An event trace of an item can be defined as the time ordered set of events associated with its UID as the item associated with the UID passes through the supply chain. A local event trace can be defined as the set of events stored in one organization's database or known to one organization, and a global event trace for an item associated with a UID can be defined as the union of local event traces for the UID across a plurality of, or all, the databases of individual organizations. That is, a global event trace can include a trace of all events for the item, or at least a plurality of events that occur at more than one organization, as the item traverses the supply chain.
Analysis of an item's trace through a network of nodes in a supply chain can be used to detect unusual or anomalous patterns of events, which may be indicative of an anomalous or counterfeit product in the supply chain. Counterfeit products can lead to huge financial losses for legally run business. For example, European Customs seize millions of counterfeit articles per year, which can correspond to the loss of hundreds of millions of dollars of revenue for legitimate businesses.
RFID technology can be used to authenticate a product by its UID and has been previously proposed for preventing and detecting counterfeiting in a supply chain. One prevention approach using RFID technology is to use cryptographic authentication of an RFID tag attached to a product, which inhibits counterfeiters from cloning tags and using the cloned tags to pass counterfeit goods through the supply chain. One detection approach using RFID technology is based on analyzing event traces of a product having a UID.
Detection of counterfeit products in a supply chain using event traces can be characterized by two conflicting requirements. On the one hand, most counterfeit products cannot be detected based on the analysis of a local event trace, so effective detection of a counterfeit product requires analysis of global event traces. However, on the other hand, companies are generally reluctant to share their local event traces with competitors, or even with known business partners in the legitimate supply chain, because item-level event data reveals a wealth of information about a company's operations and may enable espionage on business volumes and partners. For example, a risk associated with sharing RFID event data with other organizations is that the other organizations may used the event date to discover valuable quantitative information about the organization the provided the event data, such as, for example, the organization's strategic relationships with other organizations, suppliers, customers, the organization's volume of items handled, and the organization's design of the distribution channels. Companies may fear being penalized for unfair or inefficient behavior that could be discovered from their local event data and may fear that their business secrets about future strategic products or process restructurings might be revealed by their local event data. Thus, organizations are looking for a way of reaping the benefits of counterfeit detection through the analysis of event traces for products in the supply chain, but while sharing at the same time as little information as possible to mitigate the associated risks.